Allow configuration of headers through nested builder

Issue: gh-5557
This commit is contained in:
Eleftheria Stein
2019-06-25 15:27:34 -04:00
parent 6986cf3ef3
commit 758397f102
5 changed files with 651 additions and 1 deletions

View File

@@ -43,6 +43,15 @@ public class ContentSecurityPolicyHeaderWriterTests {
writer = new ContentSecurityPolicyHeaderWriter(DEFAULT_POLICY_DIRECTIVES);
}
@Test
public void writeHeadersWhenNoPolicyDirectivesThenUsesDefault() {
ContentSecurityPolicyHeaderWriter noPolicyWriter = new ContentSecurityPolicyHeaderWriter();
noPolicyWriter.writeHeaders(request, response);
assertThat(response.getHeaderNames()).hasSize(1);
assertThat(response.getHeader("Content-Security-Policy")).isEqualTo(DEFAULT_POLICY_DIRECTIVES);
}
@Test
public void writeHeadersContentSecurityPolicyDefault() {
writer.writeHeaders(request, response);
@@ -64,6 +73,16 @@ public class ContentSecurityPolicyHeaderWriterTests {
assertThat(response.getHeader("Content-Security-Policy")).isEqualTo(policyDirectives);
}
@Test
public void writeHeadersWhenNoPolicyDirectivesReportOnlyThenUsesDefault() {
ContentSecurityPolicyHeaderWriter noPolicyWriter = new ContentSecurityPolicyHeaderWriter();
writer.setReportOnly(true);
noPolicyWriter.writeHeaders(request, response);
assertThat(response.getHeaderNames()).hasSize(1);
assertThat(response.getHeader("Content-Security-Policy")).isEqualTo(DEFAULT_POLICY_DIRECTIVES);
}
@Test
public void writeHeadersContentSecurityPolicyReportOnlyDefault() {
writer.setReportOnly(true);